[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80963 Download | Alert*

Shells running as root inherited PS4 from the environment, allowing PS4 expansion performing command substitution. Local attacker could gain arbitrary code execution via bogus setuid binaries using system/popen by specially crafting SHELLOPTS+PS4 environment variables. Fixed In Version: bash 4.4

spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.

CVE-2017-8361: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. CVE-2017-8362: The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service via a crafted audio file. CVE-2017-8363: The flac_buffer_copy function ...

CVE-2017-6886: Memory corruption in the parse_tiff_ifd An error within the "parse_tiff_ifd" function in LibRaw versions before 0.18.2 can be exploited to corrupt memory. Fixed In Version: LibRaw 0.18.2

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

CVE-2017-9468: When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. Fixed In: Irssi 1.0.3 Reference: Patch. CVE-2017-9469: When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory. Fixed In: Irssi 1.0.3 Reference: Patch.

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload ashared library to a writable share, and then cause the server to load and execute it. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect.

An integer overflow vulnerability in nginx range filter module in ngx_ function was found, potentially resulting in memory disclosure when used with 3rd party modules. Issue can be triggered by specially crafted http range request resulting into leaking the content of the cache file header. Affected versions nginx 0.5.6 - 1.13.2. Fixed In Version nginx 1.13.3, nginx 1.12.1 Reference Patch


Pages:      Start    3478    3479    3480    3481    3482    3483    3484    3485    3486    3487    3488    3489    3490    3491    ..   8096

© SecPod Technologies